摘要: 经过分析显示可信计算联盟(TCG)命令验证协议会受到一种基于Dolev-Yao模型的中间人攻击,对系统的可信性和安全性造成影响。针对该攻击,文章提出一种协议改进方法。在改进后的协议中,可信平台模块(TPM)和访问者能对会话状态进行有效的沟通,从而抵御中间人攻击。
关键词:
可信计算联盟,
命令验证协议,
中间人
Abstract: This paper shows that the Trusted Computing Group(TCG) command validation protocols are exposed to a Dolev-Yao Man in The Middle(MiTM) attack, which will tamper with the security and the trustworthiness of the entire system. In order to avoid such attack, this paper proposes a countermeasure which makes an effective way through which the caller and TPM can well understand the session state of each other.
Key words:
Trusted Computing Group(TCG),
command validation protocols,
Man in The Middle(MiTM)
中图分类号:
康新振;王震宇;徐 锐. TCG命令验证协议的改进方法[J]. 计算机工程, 2008, 34(22): 159-161.
KANG Xin-zhen; WANG Zhen-yu; XU Rui. Improvement Method of TCG Command Validation Protocol[J]. Computer Engineering, 2008, 34(22): 159-161.